Welcome to WarBulletin - your new best friend in the world of gaming. We're all about bringing you the hottest updates and juicy insights from across the gaming universe. Are you into epic RPG adventures or fast-paced eSports? We've got you covered with the latest scoop on everything from next-level PC gaming rigs to the coolest game releases. But hey, we're more than just news! Ever wondered what goes on behind the scenes of your favorite games? We're talking exclusive interviews with the brains behind the games, fresh off-the-press photos and videos straight from gaming conventions, and, of course, breaking news that you just can't miss. We know you love gaming 24/7, and that's why we're here round the clock, updating you on all things gaming. Whether it's the lowdown on a new patch or the buzz about the next big gaming celeb, we're on it.

Contacts

  • Owner: SNOWLAND s.r.o.
  • Registration certificate 06691200
  • 16200, Na okraji 381/41, Veleslavín, 162 00 Praha 6
  • Czech Republic

Millions of AMD CPUs found vulnerable to 18-year-old 'Sinkclose' deep-system flaw but it's pretty difficult to exploit

Security researchers have discovered a vulnerability that affects almost all AMD CPUs, allowing access to some of the deepest parts of the chip. Named 'Sinkclose', the flaw allows attackers that already have kernel-level access to modify SMM (System Management Mode) settings even with existing protections enabled.

Attackers could use the flaw to install malware that would be virtually undetectable, and extremely difficult to remove. However, gaining kernel access in the first place is no easy task, and AMD has already begun releasing fixes for some of the affected chips (via Bleeping Computer). 

The vulnerability was discovered by researchers Enrique Nissim and Krzysztof Okupski, two researchers from security services firm IOActive, who presented their findings at this year's Def Con security conference in Las Vegas over the weekend. 

Exploiting the flaw would require attackers to first establish kernel access on a target machine via a different attack method. This level of system access is defined as a Ring 0 privilege and essentially opens up the heart of the system to further attack. If successful, an attacker could then enable Ring -2 privileges to install an undetectable bootkit that compromises the master boot record, meaning that even an OS reinstall would be unable to remove it.

System Management Mode (SMM) is one of the deepest operating modes of an x86 architecture chip and is intended to be used by the BIOS/UEFI for power management, system hardware control and some proprietary OEM-designed code. Once compromised, no antivirus or anti-malware program would be able to detect malicious code running this deep in the heart of the system. To detect it, a user would have to physically connect to the CPU to scan the memory for malware.

AMD has released an advisory notice detailing chips vulnerable to the attack, along with firmware fixes that are being provided to OEMs for BIOS updates to fix the flaw. However, Ryzen 3000, 2000 and 1000 series chips will not

Read more on pcgamer.com
Prev Post
Valve's Unannounced Hero Shooter Has Already Pulled In Over 10,000 Players

Related News

Latest Posts
Gigabyte Intros Eight X870E & X870 Motherboards In Aorus & Gaming Flavors For AMD Ryzen CPUs
  • By wccftech.com

Gigabyte Intros Eight X870E & X870 Motherboards In Aorus & Gaming Flavors For AMD Ryzen CPUs

Intel Arrow Lake-S Core Ultra 5 245, Core Ultra 5 235 & Core Ultra 3 205 CPUs Clocks Detailed
  • By wccftech.com

Intel Arrow Lake-S Core Ultra 5 245, Core Ultra 5 235 & Core Ultra 3 205 CPUs Clocks Detailed

AMD EPYC 9755 Turin “Zen 5” CPU With 128 Cores Is Twice As Fast As EPYC 9754 Bergamo “Zen 4C” CPU With 128 Cores
  • By wccftech.com

AMD EPYC 9755 Turin “Zen 5” CPU With 128 Cores Is Twice As Fast As EPYC 9754 Bergamo “Zen 4C” CPU With 128 Cores

Abduct humans to put them on display in this theme park sim set in the same universe as a 27-year-old banger of a black comedy film
  • By gamesradar.com

Abduct humans to put them on display in this theme park sim set in the same universe as a 27-year-old banger of a black comedy film

Diablo 4: Vessel of Hatred revives the action-RPG series' 24-year-old tradition of letting you hire mercenaries to fight alongside you
  • By gamesradar.com

Diablo 4: Vessel of Hatred revives the action-RPG series' 24-year-old tradition of letting you hire mercenaries to fight alongside you

Vampire Survivors update rolls out new dark arcanas, but the best part is a retired guy in his rocking chair
  • By pcgamer.com

Vampire Survivors update rolls out new dark arcanas, but the best part is a retired guy in his rocking chair